Re: [Qemu-stable] [Qemu-devel] [PATCH 00/23] qemu state loading issues
From: Michael S. Tsirkin
Subject: Re: [Qemu-stable] [Qemu-devel] [PATCH 00/23] qemu state loading issues
Date: Wed, 4 Dec 2013 13:01:20 +0200

On Tue, Dec 03, 2013 at 06:24:24PM +0000, Peter Maydell wrote:
> On 3 December 2013 16:28, Michael S. Tsirkin <address@hidden> wrote:
> > For example:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c8
> > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c9
>
> I get "not authorized" errors on both of those.
Oh, sorry :(
You'll have to take my word on it that what happened there
was that a bug reporter saved state and suggested that
developer attempt to load it to reproduce the bug.
> > This patchset is the result of that audit: it addresses this set of
> > security issues by adding input validation and failing migration on
> > invalid input.
>
> I notice that some but not all of these patches have CVE numbers
> in the commit messages -- what's the distinction that meant some
> of them get CVEs and some don't?
>
> thanks
> -- PMM
The one that does not have a CVE is 23/23, this is
a NULL pointer dereference on invalid input, which
is not nice but probably not exploitable.
--
MST